Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38332e3133362e3138312e302f32342d3234203d3e20323136313531.roa
File: 38332e3133362e3138312e302f32342d3234203d3e20323136313531.roa (raw, json)
Hash identifier: PGX7RtG8J0s2SpixoTjnv9npBUX4yOdxx3GLGD5nB2E=
Subject key identifier: 75:62:E1:3B:8D:21:1B:35:C5:75:18:EF:83:F0:DB:99:D5:68:15:19
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 102F861EEB125821F8DBE7937AA277A40AAB4465
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38332e3133362e3138312e302f32342d3234203d3e20323136313531.roa
Signing time: Mon 27 Jan 2025 16:45:31 +0000
ROA not before: Mon 27 Jan 2025 16:40:31 +0000
ROA not after: Mon 26 Jan 2026 16:45:31 +0000
asID: 216151
IP address blocks: 83.136.181.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 10:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
10:2f:86:1e:eb:12:58:21:f8:db:e7:93:7a:a2:77:a4:0a:ab:44:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jan 27 16:40:31 2025 GMT
Not After : Jan 26 16:45:31 2026 GMT
Subject: CN=7562E13B8D211B35C57518EF83F0DB99D5681519
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:a7:5a:bd:ae:25:e7:16:b5:e2:88:3e:88:ae:
9b:32:03:52:15:0f:51:b9:f3:e6:ff:f2:46:7b:3f:
09:37:30:c0:8f:4d:73:04:ab:0e:37:37:b0:a7:af:
c4:b6:7a:15:b8:65:17:98:e1:4b:cd:d0:9f:6f:38:
ff:b9:8b:98:3b:a9:22:7c:59:61:14:68:92:1f:1d:
8c:54:21:f3:00:4b:54:54:93:e1:aa:64:49:fc:e6:
c1:74:f3:c0:ea:92:98:e0:f3:1f:fa:6b:94:bc:bf:
31:d2:d6:5b:d9:c8:8b:10:66:8a:ad:c5:65:c7:f0:
d5:0b:88:37:3c:a7:d5:a0:3d:19:ca:d6:d9:16:a5:
b6:0d:f5:f7:5d:2e:b1:00:b1:6a:65:f9:b3:e4:1e:
c8:54:bc:bd:d3:8f:66:86:90:ac:99:41:02:5f:2a:
9c:b1:39:19:70:55:ea:ff:1c:f1:12:6f:84:a9:4f:
75:10:c5:22:7c:2d:a2:dc:df:1e:46:bd:53:24:e5:
7e:ba:2c:9e:c0:c6:b6:5e:c4:28:9a:c6:8e:e8:c9:
41:ba:34:32:29:e1:28:25:0f:7f:13:05:0a:35:9c:
1b:e7:46:9a:df:2b:f6:2e:d9:3d:4f:30:af:35:da:
5a:a6:04:af:ed:4f:75:f7:a9:d6:61:02:e6:89:7c:
eb:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:62:E1:3B:8D:21:1B:35:C5:75:18:EF:83:F0:DB:99:D5:68:15:19
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38332e3133362e3138312e302f32342d3234203d3e20323136313531.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.136.181.0/24
Signature Algorithm: sha256WithRSAEncryption
52:e0:e1:1e:9c:a8:da:60:63:6d:32:a6:b9:81:cd:f8:67:e7:
e7:b2:8b:6b:a0:08:c3:11:81:5b:36:f9:07:2d:a9:49:95:85:
fb:25:55:4e:5b:21:db:37:78:5b:df:3e:4b:66:a7:f4:48:e4:
76:f4:70:88:0b:e8:62:5c:8b:aa:90:be:d1:58:97:cf:a0:0d:
4b:bc:e3:39:62:62:be:d4:2d:bc:5a:5d:04:c2:c0:eb:e7:2e:
de:63:fa:10:90:10:02:f9:71:43:38:c8:bf:12:f8:46:d8:c4:
d0:6b:8e:cf:fa:db:de:9d:08:6b:b3:64:2a:4a:2d:9e:e3:33:
c7:c5:33:b2:71:1d:f8:cd:41:3f:ec:c0:72:4f:d0:93:6d:d7:
d0:a3:c3:5c:6a:fb:fb:08:f6:33:bb:bd:8f:d9:cf:fa:2c:0a:
e1:6d:c6:ba:fe:4e:f6:1a:6c:5f:92:e4:49:f1:f6:8e:36:09:
ec:18:d5:8c:9d:fb:51:b9:3c:80:dd:67:32:cb:10:44:2f:67:
7e:39:2c:e2:57:a1:9f:5c:c6:fc:c5:c8:4e:a0:ab:35:b6:29:
36:ad:73:5d:53:ac:6f:17:e3:c2:b1:04:b4:9c:7c:d9:f5:9c:
84:d1:22:e9:2f:4b:ee:1d:7b:4a:ef:41:29:ba:be:c6:f9:f5:
e9:d7:78:97
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUEC+GHusSWCH42+eTeqJ3pAqrRGUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTAxMjcxNjQwMzFaFw0yNjAxMjYxNjQ1MzFaMDMxMTAvBgNV
BAMTKDc1NjJFMTNCOEQyMTFCMzVDNTc1MThFRjgzRjBEQjk5RDU2ODE1MTkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDIp1q9riXnFrXiiD6IrpsyA1IV
D1G58+b/8kZ7Pwk3MMCPTXMEqw43N7Cnr8S2ehW4ZReY4UvN0J9vOP+5i5g7qSJ8
WWEUaJIfHYxUIfMAS1RUk+GqZEn85sF088Dqkpjg8x/6a5S8vzHS1lvZyIsQZoqt
xWXH8NULiDc8p9WgPRnK1tkWpbYN9fddLrEAsWpl+bPkHshUvL3Tj2aGkKyZQQJf
KpyxORlwVer/HPESb4SpT3UQxSJ8LaLc3x5GvVMk5X66LJ7AxrZexCiaxo7oyUG6
NDIp4SglD38TBQo1nBvnRprfK/Yu2T1PMK812lqmBK/tT3X3qdZhAuaJfOslAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUdWLhO40hGzXFdRjvg/DbmdVoFRkwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzgzMzJlMzEzMzM2MmUzMTM4
MzEyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMxMzYzMTM1MzEucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABTiLUwDQYJKoZIhvcNAQELBQADggEBAFLg4R6cqNpgY20yprmBzfhn5+eyi2ug
CMMRgVs2+QctqUmVhfslVU5bIds3eFvfPktmp/RI5Hb0cIgL6GJci6qQvtFYl8+g
DUu84zliYr7ULbxaXQTCwOvnLt5j+hCQEAL5cUM4yL8S+EbYxNBrjs/6296dCGuz
ZCpKLZ7jM8fFM7JxHfjNQT/swHJP0JNt19Cjw1xq+/sI9jO7vY/Zz/osCuFtxrr+
TvYabF+S5Enx9o42CewY1Yyd+1G5PIDdZzLLEEQvZ345LOJXoZ9cxvzFyE6gqzW2
KTatc11TrG8X48KxBLScfNn1nITRIukvS+4de0rvQSm6vsb59enXeJc=
-----END CERTIFICATE-----
Generated at Fri Apr 4 19:05:54 2025 by rpki-client